
Log out user when JWT has expired

After successful login I'm storing a JWT in context/localStorage. I have my auth context set up like this. How can I use the token details iat and exp to log the user out once it expires?

Also the refresh limit is hard set at 1.

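import React, { createContext, useContext, useMemo } from "react";
import { Route, Redirect, useHistory } from "react-router-dom";
// TokenContext and useLocalStorage are defined elsewhere in the project (not shown).

export const UserContext = createContext();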

export function AdminPrivateRoute({ component: Component, ...rest }) {
  const { userInfo } = useContext(UserContext);
  const { token } = useContext(TokenContext);

  /* Token details
    exp: "",
    iat: "",
    jti: "",
    refreshCount: "",
    refreshLimit: "",
    sub: "",
  */

  console.log("userInfo in AdminPrivate", userInfo);
  return (
    <Route
      {...rest}
      render={(props) =>
        userInfo.isLoggedIn ? (
          <Component {...props} />
        ) : (
            <Redirect
              to={{
                pathname: "/login",
                state: { from: props.location },
              }}
            />
          )
      }
    />
  );
}

export function UserProvider({ children }) {
  const history = useHistory();
  const [userInfo, setUserInfo] = useLocalStorage("user", {
    isLoggedIn: false,
    type: "",
    id: "",
    attributes: {
      fullName: "",
      token: "",
    },
  });

  const value = useMemo(() => ({
    userInfo, setUserInfo, logout: user => {
      setUserInfo({
        isLoggedIn: false,
        type: "",
        id: "",
        attributes: {
          fullName: "",
          token: "",
        },
      })
      history.push("/login");
    }
  }), [userInfo])

  return <UserContext.Provider value={value}>{children}</UserContext.Provider>;
}

Basic routing setup

<Router>
  <ResourcesProvider>
    <UserProvider>
      <TokenProvider>
          <Switch>
            <Redirect exact path="/" to="/login" />
            <Route path="/login" component={LoginForm} />
            <AdminPrivateRoute path="/dashboard" component={Dashboard} />
          </Switch>
      </TokenProvider>
    </UserProvider>
  </ResourcesProvider>
</Router>

Like bravemaster said, you normally don't need to decode a token just for the expiry time of the token.
A token can become invalid when it expires or when it gets invalidated by the auth provider.
Typically your server application should validate the token on each request. If it's invalid it should send an HTTP 403 status to the client.
That 403 status you can handle on your client: you can either request a new auth token with your refresh token or you can redirect the user to a login page or log out the user.
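An added example, not part of the original question or answer: a plain JavaScript sketch that reads `exp` to schedule a client-side logout and decides between refresh and logout on a 403, using the `refreshCount`/`refreshLimit` claims from the question. The function names and the sample token are assumptions made for illustration.

```javascript
// Added example: decodePayload, msUntilExpiry, nextAction and scheduleLogout
// are hypothetical names, not part of the asker's code.

// Read the claims without verifying the signature. This is only good for
// UX decisions on the client; the server must still validate every request.
function decodePayload(token) {
  const part = String(token).split(".")[1];
  if (!part) return null;
  const b64 = part.replace(/-/g, "+").replace(/_/g, "/");
  try {
    return JSON.parse(atob(b64.padEnd(Math.ceil(b64.length / 4) * 4, "=")));
  } catch {
    return null; // malformed token: callers treat it as expired
  }
}

// exp is in seconds since the epoch (RFC 7519); Date.now() is milliseconds.
function msUntilExpiry(token, nowMs = Date.now(), skewMs = 30000) {
  const exp = Number(decodePayload(token)?.exp);
  if (!Number.isFinite(exp) || exp <= 0) return 0;
  return Math.max(0, exp * 1000 - nowMs - skewMs);
}

// Decide what to do with a response status, following the answer's advice:
// on 403 try a refresh if the token still allows one, otherwise log out.
function nextAction(status, token) {
  if (status !== 403) return "ok";
  const p = decodePayload(token);
  if (!p) return "logout";
  return Number(p.refreshCount) < Number(p.refreshLimit) ? "refresh" : "logout";
}

// Proactive logout for the UI; returns a cancel function for effect cleanup.
function scheduleLogout(token, logout, nowMs = Date.now()) {
  const delay = Math.min(msUntilExpiry(token, nowMs), 2 ** 31 - 1); // setTimeout cap
  const id = setTimeout(logout, delay);
  return () => clearTimeout(id);
}

// Constructed sample token with a placeholder signature (demo only).
const b64url = (o) =>
  btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const sampleToken = (claims) => `${b64url({ alg: "HS256", typ: "JWT" })}.${b64url(claims)}.sig`;

const demo = sampleToken({ exp: 1700003600, iat: 1700000000, refreshCount: 0, refreshLimit: 1 });
console.log(msUntilExpiry(demo, 1700000000000), nextAction(403, demo));
```

In a React provider, `scheduleLogout(token, logout)` would be called from a `useEffect` keyed on the token, with the returned function used as the effect's cleanup.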
